package com.creditcmsplt.adapter;


/**
 *配置类,权限认证,配置那些url不需要验证,那些权限需要那种认证
 * @author 雷阳军
 *
 */
//@Configuration
//@EnableWebSecurity
public class SecurityConfig /**extends WebSecurityConfigurerAdapter**/ {
/**
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
            .withUser("user").password("123456").authorities("ROLE_USER");//验证用户
    }
    **/

    /**
     * 进入任何url都需要验证
     */
	/**
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.httpBasic()
            .and().csrf().disable()
            .authorizeRequests()
            .antMatchers("/credit/***","/index*").permitAll()//放开验证 所有用户
            .anyRequest().authenticated()//所有其他url都需要验证
            .and()
            .formLogin()//使用Java默认表单验证
            .and()
            .logout().permitAll();
    }
    
    @Override
    public void configure(WebSecurity web) throws Exception {
    	web.ignoring().antMatchers("/credit/**","/index*"); // 忽略以credit开头的api教研
    }

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
**/
}
